System and method for automatic provisioning of onsite networking services

ABSTRACT

The system and method described herein may activate an automatic provisioning system within customer premise equipment via a digital subscriber line, cable modem, or other residential hub or gateway interface and access a remote directory service to locate appropriate addressing and other information to initialize the customer premise equipment. The gateway interface may automatically update a configuration, heal bugs, and perform other maintenance and tasks to manage the customer premise equipment. Multiple gateway interfaces or products or services associated therewith may be configured at one premise and version control may be maintained to ensure compatibility.

PRIORITY

This application claims priority from a provisional application of thesame title filed on May 1, 2000 and assigned application number60/200,759.

FIELD OF INVENTION

The invention relates to the field of networking, and more particularlyto enabling automatic provisioning of CPE (Customer Premise Equipment)for efficient delivery of network-based services.

BACKGROUND OF THE INVENTION

The pervasiveness of Internet and other network technology has led toincreasing quantities and varieties of network-based services.Residential and business consumers seeking to take advantage of theseservices require a gateway, hub, or other type of CPE (Customer PremiseEquipment) for interfacing to the Internet or other network.Unfortunately, when a CPE is initially installed, a number ofcomplicated and time-consuming operations must be undertaken, such as toconfigure IP addresses, establish TCP/IP sockets, stacks or otherprotocol support. Such operations often can only be performed by atechnician or programmer with the special skills and equipment.Moreover, changes in services or end-user equipment may require that theCPE be periodically reconfigured. These configuration obstacles reducethe attractiveness of on-premise network products in general, and theinstallation of CPE (Customer Premise Equipment) in particular. Theseand other drawbacks exist.

SUMMARY OF THE INVENTION

The invention overcoming these and other problems in the art relates toa system and method for automatic provisioning of onsite networkingservices which alleviate the need for manual configuration of CPE, inpart by establishing a connection between the CPE to be installed and aremote directory service dedicated to management and automatedconfiguration of the device, in whole or part, without necessaryintervention by a system administrator, technician, or end user.

An object of the invention in one regard is to provide a CPE interfacecontaining preprogrammed provisioning information to detect and transmitIP address and other resources, or to provision the ATM (AsynchronousTransfer Mode) virtual circuit from a home or other site.

Another object of the invention is to provide a CPE interface andassociated directory service which may periodically maintain and updatethe configuration settings on the CPE interface, such as for debugging,self-healing or service upgrade purposes.

Another object of the invention is to provide a remote directory servicewhich is capable of detecting, identifying and servicing a variety ofdifferent types of CPE interface hardware, such as cable modems, ISDN,DSL or other products or services.

Another object of the invention is to provide a remote directory servicewhich is capable of detecting, identifying and managing video, firewall,or other value-added services that can run on the CPE interfacehardware.

BRIEF DESCRIPTION OF THE DRAWINGS

The invention will be described with reference to the accompanyingdrawings, in which like elements are referenced with like numbers.

FIG. 1 is a schematic diagram of a system architecture configured forautomated provisioning of network services, according to one embodimentof the invention.

FIG. 2 is a flow diagram illustrating processes for initial CPE(Customer Premise Equipment) provisioning, diagnostics, and the deliveryof broadband services, according to one embodiment of the invention.

FIG. 3 is a schematic diagram depicting an initial set of softwareobjects in the directory and on the CPE (Customer Premise Equipment)prior to automated provisioning, according to one embodiment of theinvention.

FIG. 4 is a flow diagram illustrating the operational steps associatedwith automated provisioning of a CPE (Customer Premise Equipment),according to one embodiment of the invention.

FIG. 5 is a schematic diagram depicting a final set of software objectsin the directory and on the CPE (Customer Premise Equipment) afterautomated provisioning, according to one embodiment of the invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

In general, the invention relates to the installation, configuration, orprovisioning of Customer Premise Equipment (CPE) 100, which may beconnected to end-user appliances 130 and to a directory service 160 viacommunication links 120, as depicted in FIG. 1.

CPE 100 provides an interface between sources of network-based servicesand end-user appliances 130. CPE 100 may be or include, for instance, aresidential or business gateway, hub, router or other device that issold or leased by telephone carriers, Internet Service Providers orothers that is installed in residences, office buildings, or otherpremises for delivery of network-based services to end-user appliances130. CPE 100 may further include a processor 102 that may be or include,for example, a microprocessor such as an Intel x86-based device, aMotorola 68K or PowerPC™ device, a MIPS, Hewlett-Packard Precision™, orDigital Equipment Corp. Alpha™ RISC processor, a microcontroller, adigital signal processor (DSP), or other general or special purposedevice operating under programmed control. CPE 100 may also includelocal data store 104 which may be implemented as RAM (random accessmemory) or EPROM (electronically programmable read only memory), harddrive storage, CDROM or rewritable CDROM or other magnetic, optical orother media, and other associated components connected over anelectronic bus, as will be appreciated by persons skilled in the art.

End-user appliances 130 are devices that interact with network-basedservices through a CPR End-user appliances 130 may be or include: aWebTV™ unit; a radio-enabled Palm™ Pilot or similar unit; a televisionset-top box; a networkable game-playing console such as SonyPlaystation™ or Sega Dreamcast™; a browser-equipped cellular telephone;a personal computer; a home theater, digital audio system, video player,or other audio or video entertainment appliance; a camera, microphone,motion detector, magnetic switch, or other device employed forsurveillance or for other purposes; devices that monitor the operationand use of electric, gas, water, or other utilities; a refrigerator,freezer, dishwasher, washing machine, clothes dryer, microwave, coffeemaker, furnace, air conditioner, or other household appliance; and otherdevices used to transmit or receive executable programs or data.

Directory service 160 may contain configuration data and programs usedto provision a CPE 100 for delivery of network-based services toend-user appliances 130. In delivering such services, application codemay be executed on CPE 100, end-user appliances 130, or both. Directoryservice 160 may be a distributed directory service, for example where itmanages data on servers 110 and 140 as depicted in FIG. 1. Additionally,the organization of directory service 160 may be hierarchical, forinstance where server 110 is a global server and server 140 is aregional server. In another embodiment, directory service 160 may beimplemented in a network of three or more servers. In yet anotherembodiment, directory service 160 may be implemented on a single server.Interfaces to directory service 160 may be compliant with the X.500standard familiar to those skilled in the art, and may also function inaccordance with Lightweight Directory Access Protocol (LDAP), such aswith the NDS® eDirectory™ product. Other directory service products,using the same or different protocol, could also be utilized to practicethe invention.

Servers 110 and 140 may be or include, for instance, a workstationrunning the Microsoft Windows™ NT™, Windows™ 2000, Unix, Linux, Xenix,IBM AIX™, Hewlett-Packard UX™, Novell Netware™, Sun MicrosystemsSolaris™, OS/2™, BeOS™, Mach, Apache, OpenStep™ or other operatingsystem or platform. Servers 110 and 140 may further include or interfaceto electronic storage 112 and 142, respectively. Electronic storage 112and 142 may in turn be, include or interface to, for example, theOracle™ relational database sold commercially by Oracle Corp. Otherdatabases, such as Informix™, DB2 (Database 2), Sybase or other datastorage or query formats, platforms or resources such as OLAP (On LineAnalytical Processing), SQL (Standard Query Language), a storage areanetwork (SAN), Microsoft Access™ or others may also be used,incorporated or accessed in the invention.

A console 150 may be utilized to manage the operations of directoryservice 160. Console 150 may be a Java-based Graphical User Interface(GUI) utility such as Novell ConsoleOne™. Alternatively, console 150 maybe implemented with a standard HTML Web browser. Console 150 may run onserver 110 and 140, or may, for example, run on a workstation thatinterfaces to server 110 and 140 via communication link 120.

As depicted in FIG. 1, major system components may be connected viacommunication link 120. Communication link 120 may be, include orinterface to any one or more of, for instance, the Internet, anintranet, a PAN (Personal Area Network), a LAN (Local Area Network), aWAN (Wide Area Network) or a MAN (Metropolitan Area Network), a storagearea network (SAN), a frame relay connection, an Advanced IntelligentNetwork (AIN) connection, a synchronous optical network (SONET)connection, a digital T1, T3, E1 or E3 line, Digital Data Service (DDS)connection, DSL (Digital Subscriber Line) connection, an Ethernetconnection, an ISDN (Integrated Services Digital Network) line, adial-up port such as a V.90, V.34 or V.34bis analog modem connection, aDOCSIS (Data Over Cable Service Interface Specification) compliant orother cable modem, an ATM (Asynchronous Transfer Mode) connection, or anFDDI (Fiber Distributed Data Interface) or CDDI (Copper Distributed DataInterface) connection. Communications link 120 may furthermore be,include or interface to any one or more of a WAP (Wireless ApplicationProtocol) link, a GPRS (General Packet Radio Service) link, a GSM(Global System for Mobile Communication) link, a CDMA (Code DivisionMultiple Access) or TDMA (Time Division Multiple Access) link such as acellular phone channel, a GPS (Global Positioning System) link, CDPD(cellular digital packet data), a RIM (Research in Motion, Limited)duplex paging type device, a Bluetooth radio link, or an IEEE802.11-based radio frequency link. Communications link 120 may yetfurther be, include or interface to any one or more of an RS-232 serialconnection, an IEEE-1394 (Firewire) connection, a Fibre Channelconnection, an IrDA (infrared) port, a SCSI (Small Computer SystemsInterface) connection, a USB (Universal Serial Bus) connection, a PublicSwitched Telephone Network (PSTN), or other wired or wireless, digitalor analog interface or connection.

Not all instances of communication link 120 shown in FIG. 1 must beidentical. Additionally, the link between any two system components maychange over time. For example, CPE 100 may initially communicate withserver 110 or server 140 via a public switched telephone network toobtain IP addressing, then switch to packet-based Internetcommunication.

The system illustrated in FIG. 1 may be advantageously configured toperform the processes depicted in FIG. 2. Initial CPE provisioning instep 200 may allow for the delivery of broadband services to consumersin step 202. Step 200 provisioning is further depicted in FIG. 4.

In the delivery of services, step 202, application code may be executedon CPE 100, end-user appliances 130, or both. Consider, for example, thecase where end-user appliance 130 is a power-monitoring device. In thisinstance, application code may first be sent from directory service 160to CPE 100, then from CPE 100 to the power-monitoring device. Thepower-monitoring device may then run the application code and may evencommunicate directly with the power company. In the embodiment justdescribed, CPE 100 has not executed any application code. In other uses,application code may be executed on both CPE 100 and end-user appliance130. An example might be the case of on demand video services. Here, CPE100 may execute code in order to download and store videos that areordered by an end-user, and perhaps also to track licensing of the videoand to perform billing tasks related to video usage. End-user videoappliance 130 may also execute code, such as code necessary to interfacebetween an end-user and CPE 100 in order to play, pause, rewind, orfast-forward videos. So, in this case, delivery of services may requirethat application code run on both CPE 100 and end-user appliance 130.

Over time, a consumer of broadband services may choose to make changesby, for example, subscribing to different broadband services, adding ordeleting end-user appliances 130, or by changing CPE 100. Serviceproviders and administrators of the delivery system may also initiatevarious changes in how services are delivered. Such changes may requirereconfiguration of the delivery system shown in FIG. 1. In oneembodiment of the invention, after step 200 of initial CPE provisioning,parameters representing the system configuration are embedded insoftware objects as illustrated in FIG. 5. It is one aspect of theinvention to provide automated maintenance of the system configurationby copying or deleting software objects when necessary.

Steps 204 through 220 in FIG. 2 illustrate one embodiment of theautomated maintenance process. In step 204, CPE 100 may monitordirectory service 160 and local data store 104 for changes in softwareobjects that relate to that instance of CPE 100. Monitoring step 204 mayoperate simultaneously with the delivery of broadband services in step202. In step 206, CPE 100 may determine whether a broadband service isbeing added. If so, CPE 100 may download tailored service objects 504from directory service 160 in step 208, saving a copy of those sameobjects to local data store 104 in step 210. In step 212, CPE 100 mayuse processor 102 to launch the executable application code contained intailored service objects 504 for the delivery of new broadband servicesto end-user appliances 130. In alternative embodiments, the applicationcode may be executed on CPE 100, on end-user appliances 130, or both.If, on the other hand, it is determined in step 206 that services arenot being added, and it is further determined in step 214 that servicesare to be removed, then CPE 100 may halt and unload any associated codebeing executed by processor 102 in step 216, and, in step 218, maydelete the corresponding tailored service objects 504 stored in localdata store 104. In order to prevent download of these canceled servicesto CPE 100 at a later time, the copy of the associated tailored serviceobjects 504 stored in directory service 160 may also be deleted in step220.

Step 200 provisioning may also enable diagnostic testing at CPE 100,concurrent with the delivery of services in step 202, as shown by step222. Step 222 may, for example, perform diagnostic testing of CPE 100,end-user appliances 130, or communication link 120. If no errors arefound, step 224 may direct that diagnostic testing step 222 continue.If, on the other hand, errors are present, step 224 may direct that theerrors be logged in step 226 and cause an alarm to be activated in step228. After a predetermined time delay or acknowledgement by a user orsystem administrator, the alarm may be reset in step 230 and thediagnostic testing of step 222 may resume. In an alternative embodiment,diagnostic step 222 may operate only on demand, either under automaticcomputer control or through manual operation. Diagnostics step 222 mayalso be combined with a self-healing process for automatically repairingerrors, although this embodiment is not depicted in FIG. 2.

FIG. 3 depicts the types of objects that may be present in directoryservice 160 and local data store 104 prior to operation of initial CPEprovisioning step 200. The following schema for each object type isillustrative of one embodiment. Global bootstrap object 300 may contain,for example, class name, class size, and a configuration agent. In oneembodiment the configuration agent may be implemented in Java; inanother embodiment the configuration agent may be native executable codesuch as that compiled from the “C” Language. Global policy object 302may include the IP address of regional severs and a default regionalpolicy. Standard service objects 304 may contain start date, end date,price, billing unit, unit usage, hardware requirements, Java codeassociated with the broadband services to be delivered, and othernecessary service configuration and operating parameters. Regionalpolicy objects 306 may contain a poll interval, the possible locationfor CPE objects 500, templates for creating CPE objects 500, a changeflag, a listing of services, the location of hardware information andservice objects, and a server security certificate. The hardwareinformation objects 308 may define the properties of CPE 100, forexample, the manufacturer, model, serial number, and variouscommunication parameters. Finally, CPE bootstrap object 310 may containinitial addressing, passwords, and certificates necessary to communicatewith other servers 110 and 140 for automatic provisioning. CPE bootstrapobject 310 may have been written to local data store 104 at the point ofmanufacture, or at least before the sale of CPE 100 to a consumer. In analternative embodiment, CPE bootstrap object 310 may be written to aremovable memory device such as a floppy disk, compact disc, or smartcard.

In an embodiment of the invention not depicted in FIG. 3, directoryservice 160 may also contain customer objects 502. This may be true, forinstance, where an existing telephone service provider will now beproviding DSL service to the same customer, and where that serviceprovider already has customer information stored in a data base.Customer objects 502 may include, for example, the name and address ofthe consumer of broadband services, and, perhaps, the customer'spreferred method of payment, among other information.

As indicated above, application of the invention may involve multipleinstances of any given object type. For example, there may be hundredsof different standard service objects 304 made available by hundreds ofproviders of broadband services. Likewise, there may be millions ofhardware information objects 308, identifying each specific applicationof dozens of different CPE 100 models. Other object types may also havemultiple instances.

FIG. 4 further details one embodiment of initial CPE provisioning step200. The process begins in step 400 when CPE 100 is turned on. If CPEobject 500 is found in local data store 104, then step 402 may directthe process to end at step 438. If, on the other hand, the CPE object500 is not found in local data store 104, then step 402 may direct theprovisioning process to continue to step 404, where the CPE bootstrapobject 310 is retrieved from local data store 104 or an alternativelocation as indicated above.

In step 406, CPE 100 may obtain an IP (Internet Protocol) address from aDHCP (Dynamic Host Configuration Protocol) server, which may be server140, for example. To perform this operation, CPE 100 may broadcast aDISCOVER message looking for a DHCP server. A router may direct CPE 100to an appropriate DHCP server. CPE 100 may then send a REQUEST packet,to which the DHCP server replies with an OFFER. When CPE 100 sends anACK packet, the DHCP server may assign an IP address to CPE 100 and mayfurther configure other servers for communication with CPE 100.

In an alternative embodiment of step 406, an IP address may be retrieveddirectly from CPE bootstrap object 310, the IP address having beenassigned as part of the initial configuration of CPE 100.

Techniques involving the use of SNMP (Simple Network ManagementProtocol) for automatic retrieval of the IP address may also be used asan alternative embodiment of step 406. For example, ILMI (IntegratedLocal Management Interface) or MMI (Modem Management Interface) toolsfamiliar to those skilled in the art of network management protocols maybe employed to transport the IP address from directory 160 to CPE 100.

In yet another embodiment of step 406, IP addressing may be hosted by aDSLAM (Digital Subscriber Line Access Multiplexer), for example by usinga LDAP (Lightweight Directory Access Protocol) agent to retrieve the IPaddress from policy objects in directory 160, and by relying on ILMI orMMI to transport the IP address to CPE 100.

Once CPE 100 secures an IP address, it may then connect to directoryservice 160 via the Internet or other instance of communication link 120in step 408 in order to retrieve global bootstrap object 300 in step410. As indicated above, global bootstrap object 300 may contain aconfiguration agent. This agent may be extracted in step 412 andlaunched in step 414 to perform subsequent tasking in initial CPEprovisioning step 200.

In step 416, the agent may determine the appropriate region for theinstance of CPE 100 that is being automatically provisioned. In oneembodiment of step 416, the agent may use the TCP/IP address obtainedfrom the DHCP server to determine the regional policy to which it isassigned. Suppose, for example, that the DHCP server assigned a TCP/IPaddress of 151.155.128.25. The agent may build an object search stringof 151_(—)155_(—)128_*, perform an LDAP search, and obtain region ID151_(—)155_(—)128_ProvoSouth_CentralOffice_USWest. In another embodimentof step 416, the agent may use a premise circuit ID to determine theregion to which it is assigned. For example, the agent may make an IPmulticast or SNMP (Simple Network Management Protocol) query to aspecific port of CPE 100, and receive an ID of 64_YGGA_(—)610271 inresponse. The agent may then build an LDAP search string of 64_YGGA_*that returns a region ID 64_YGGA_ProvoSouth_CentralOffice_USWest.

Having identified the region, the agent may now retrieve regional policyobject 306 in step 422. As shown in FIG. 4, it may be necessary to firstdisconnect CPE 100 from a global server (server 110 for instance) instep 418, then connect CPE 100 to a regional server (for example, server140) in step 420. In other embodiments of initial provisioning step 200,steps 418 and 420 may not be necessary, either because all objectsreside on a single server, or because directory service 160 isdistributed in nature, providing access to objects on multiple serverswithout requiring CPE 100 to change its connection.

CPE object 500 may represent an instance of CPE 100 in directory 160.Among other things, CPE object 500 may reference the service objects304, regional policy object 306, and hardware information object 308that are applicable to that instance of CPE 100. Step 424 illustratesthat if the agent can find CPE object 500 in directory 160, then step402 may direct the process to end at step 434. Otherwise, initial CPEprovisioning step 200 may continue in step 426 to create CPE object 500.

There are at least two different embodiments of step 426. In oneembodiment, an agent running on CPE 100 may create CPE object 500 (foritself) in directory service 160. In another embodiment of step 426, anagent on a Web server may create CPE object 500. In the latter case,information about CPE 100 may be sent to a Web server or gathered by theWeb interface. The Web server agent may also validate that it hassufficient information to complete the operation before storing CPEobject 500 in directory service 160.

In step 428, the system searches for the appropriate instance ofcustomer object 502. If customer object 502 is not found, then it may becreated, in step 430, according to the same alternative embodimentsdescribed for step 426 above. In an alternative embodiment of initialCPE provisioning step 200, there may not be a customer object 502.Instead, all customer information may be included in CPE object 500. Itmay be advantageous to keep CPE and customer data separate, however, forthe case where a single customer has multiple instances of CPE 100.

In step 432, the CPE agent may associate the appropriate hardwareinformation object 308 with the newly created CPE object 500 andcustomer object 502. In execution of this step, CPE 100 may determineits network circuit identifier, telephone number, or other connectioninformation, in order to make the association with customer object 502.

Then, in step 434, tailored service objects 504 may be created, adaptingthe applicable standard service objects 304 to the format specified inhardware information object 308 associated with the newly created CPEobject 500. Thus, broadband services may be packaged for a specificconsumer based on the specific services that he or she has subscribedto, and the specific type of CPE 100 that a consumer is using.

Before these services can be executed, however, it may be necessary thatthey reside on CPE 100. In step 436, then, at least one instance ofregional policy objects 306, hardware information objects 308, CPEobjects 500, and tailored service objects 504 may be downloaded fromdirectory 160 to local data store 104. In one embodiment of step 436,ATM VC (Virtual Circuits) may be employed to transport provisioninginformation from policy objects in directory 160 to CPE 100.

FIG. 5 shows the types of objects that may reside in directory service160 and local data store 104 after initial CPE provisioning step 200 hasbeen executed. In addition to the object types described above, localdata store 104 may also contain certain private data 506, which is notmanaged by directory service 160.

The foregoing description of the invention is illustrative, andvariations in configuration and implementation will occur to personsskilled in the art. The scope of the invention is accordingly intendedto be limited only by the following claims.

1-2. (canceled)
 3. A method, comprising: representing a piece ofequipment as a managed object and populating the managed Object to adirectory; capturing, by the managed object, diagnostics for the pieceof equipment; and installing a new service to an environment associatedwith the piece of equipment in response to evaluation of thediagnostics, the new service having testing and monitoring capabilitiesrelevant to the piece of equipment.
 4. The method of claim 3, whereincapturing further includes logging errors identified with thediagnostics.
 5. The method of claim 4, wherein logging further includesraising an alarm in response to the errors.
 6. The method of claim 1further comprising, initiating a self-healing process to repair theerrors.
 7. The method of claim 1, wherein capturing further includesinitiating diagnostic testing that produces the diagnostics.
 8. Themethod of claim 7, wherein initiating further includes initiating thediagnostic testing on demand.
 9. The method of claim 1 furthercomprising, removing the new service from the environment.
 10. Themethod of claim 1 further comprising, updating a new version of themanaged object to the directory.
 11. The method of claim 1, wherein thepiece of equipment is router, gateway, or hub connected to an end-userappliance within the environment.
 12. A method, comprising: interfacinga network device to a directory, the directory including arepresentation for a managed object; executing the managed object in anenvironment of a customer; monitoring the managed object fordiagnostics: and deploying a new service to the environment in responseto the diagnostics.
 13. The method of claim 12, wherein the networkdevice is one of: a router, a gateway, a proxy, or a hub.
 14. The methodof claim 12, wherein monitoring further includes initiating aself-healing process in response to an error identified in thediagnostics.
 15. The method of claim 12, wherein deploying furtherincludes deploying the new service to the environment in response to analert raised from evaluation of the diagnostics.
 16. The method of claim12, wherein deploying further includes deploying the new service whilethe managed object executes and produces continually produces thediagnostics.
 17. The method of claim 12, wherein deploying furtherincludes selecting the new service based on evaluation of policyassociated with the environment.
 18. The method of claim 12, whereindeploying further includes selecting the new service based oninformation relevant to the customer.
 19. The method of claim 12,wherein deploying further includes deploying the new service as one of:a broadband service and an on-demand video service.
 20. A system,comprising: a directory; a server configured and adapted to: i)represent a managed object in the directory, ii) execute the managedobject on the server, iii) evaluate diagnostics produced by the managedobject, and iv) install a new service to an environment based on thediagnostics.
 21. The system of claim 20, wherein the server is furtheradapted and configured to v) initiate a self-healing process within theenvironment to remedy an error detected in the evaluation of thediagnostics.
 22. The system of claim 20, wherein the server is furtheradapted and configured, in iv), to select the new service in response toa policy evaluation in view of the diagnostics.